In previous VS "Orcas" post, we took a peek at Client Application Services, a part of .NET Framework 3.5 and the related System.Web.Extensions.dll. We also created a simple WCF LoginService, used for authenticating users against a Membership database, similar to what we're already using with ASP.NET 2.0.
Now, we're going to use that same login service, but in a different way. We won't be calling that service directly; instead, we're going to make our Login form call that service automatically, whenever our application would require user authentication. Sounds like what your current ASP.NET application is doing? Enter ClientFormsAuthenticationMembershipProvider...
The scenario is pretty much the same as with building web application. For starters, let's take our existing ClientService WCF project, and add a new Windows Forms project... I've called it ClientApplication. Before continuing, we'll have to add references to System.Web.dll and System.Web.Extensions.dll assemblies
Our first step is building a simple LoginForm to make user provide a username and a password. Adding the "Remember me" checkbox is optional, but you'd be missing out if you omitted it.
The important part in making a login form is implementing IClientFormsAuthenticationCredentialsProvider interface. This interface only cone method we'll have to implement - GetCredentials(). We'll use this method to return entered user credentials to the calling Membership provider:
public ClientFormsAuthenticationCredentials GetCredentials()
ClientFormsAuthenticationCredentials credentials =
All that's left is to configure Membership provider to use and connect our LoginService and our Login form. Here's a snippet to include in our app.config file:
<membership defaultProvider="Default" >
System.Web.Extensions, Version=220.127.116.11, Culture=neutral,
To use our Membership provider, simply call Membership.ValidateUser(string.Empty, string.Empty) from anywhere in the code to trigger provider asking for user credentials. When triggered, our Login form would be displayed and entered credentials would be validated against out Login service. After successful validation, application will continue to run in the context of validated user.
We've only just scratched the surface of what Client Application Services have to offer, there's a whole lot more goodies out there. More on that in next posts.